US6404862B1 - Authentication device - Google Patents

Authentication device Download PDF

Info

Publication number
US6404862B1
US6404862B1 US09311512 US31151299A US6404862B1 US 6404862 B1 US6404862 B1 US 6404862B1 US 09311512 US09311512 US 09311512 US 31151299 A US31151299 A US 31151299A US 6404862 B1 US6404862 B1 US 6404862B1
Authority
US
Grant status
Grant
Patent type
Prior art keywords
device
telephone
card
authentication
service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
US09311512
Inventor
Nicholas Peter Holt
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fujitsu Services Ltd
Original Assignee
Fujitsu Services Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Grant date

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers; Analogous equipment at exchanges
    • H04M1/66Substation equipment, e.g. for use by subscribers; Analogous equipment at exchanges with means for preventing unauthorised or fraudulent calling
    • H04M1/667Preventing unauthorised calls from a telephone set
    • H04M1/67Preventing unauthorised calls from a telephone set by electronic means
    • H04M1/675Preventing unauthorised calls from a telephone set by electronic means the user being required to insert a coded card, e.g. a smart card carrying an integrated circuit chip

Abstract

An authentication device consists of a hand-held unit having a receptacle for a smart card and an audio interface for communication with a telephone line. A challenge-and-response authentication procedure is performed between the smart card and a remote service. The device is dedicated solely to said authentication procedure and has no display.

Description

BACKGROUND TO THE INVENTION

This invention relates to an authentication device for use over a telephone line.

There are a number of situations where a person may be required to authenticate his or her identity to a remote service over a telephone line. For example, authentication is required when a customer calls a bank to obtain account details, or when a person calls a government department in connection with a benefit claim. Conventional methods, such as asking for date of birth or mother's maiden name, provide only a minimal degree of security.

U.S. Pat. No. 5,406,619 describes a universal authentication device which is the size and shape of a credit card, and contains a microprocessor, keypad, LCD display, and audio interface for receiving and transmitting signals over a telephone line when the device is held close to the telephone earpiece or mouthpiece. In operation, the remote service sends a random challenge over the telephone line to the device. The device generates a response, e.g. by encrypting the challenge, and returns the response over the telephone line to the remote service. The remote service compares the response with the expected response, and if they match, authenticates the user.

PCT Patent Application No. 95/04328 describes a portable hand-held device containing a microprocessor, keypad, LCD display, and audio interface for connection to a telephone line. The device also contains a receptor for an integrated circuit card (smart card). The device may be used for a large number of functions, controlled by program modules stored internally or on the smart card. One function provides identification of the user via the telephone, using a challenge and response mechanism.

A problem with both of these prior proposals is that they are relatively complex, and hence would be relatively expensive to implement. The object of the present invention is to provide an improved authentication device, which does not have these disadvantages.

SUMMARY OF THE INVENTION

According to the invention an authentication device comprises a hand-held unit having a receptacle for a smart card and an audio interface for communication with a telephone line to permit a challenge-and-response authentication procedure between the smart card and a remote service, the device being dedicated solely to said authentication procedure and having no display.

It will be seen that, because the device is dedicated solely to the authentication procedure and has no display, it can be implemented very simply and cheaply. In a preferred form of the invention, the device also has no keypad, allowing it to be implemented even more cheaply.

BRIEF DESCRIPTION OF THE DRAWINGS

FIGS. 1, 2 and 3 are front, side and back views of a first authentication device.

FIG. 4 is a back view of an alternative form of the device.

FIG. 5 is a front view of another alternative form of the device.

DESCRIPTION OF AN EMBODIMENT OF THE INVENTION

One authentication device in accordance with the invention will now be described by way of example with reference to the accompanying drawings.

Referring to FIGS. 1 to 3, the authentication device is a hand-held unit, comprising a main body 1, with a flap 2 connected to the main body by a hinge 3. The main body 1 has a slot 4 which can receive a smart card 5. The device contains two flat audio transducers 6, 7 which act as loudspeaker and microphone respectively. The loudspeaker 6 is mounted in the main body 6, and in this example is a piezo-electric transducer. The microphone 7 is mounted in the flap 2, and in this example is a sub-miniature electret device. The microphone 7 is slidable within a slot 8 to allow adjustment of the distance between the two transducers 6 and 7. A light-emitting diode (LED) 9 is provided on the back of the flap 2.

In the present example, the main body is 96 mm×62.5 mm in size, and can receive an 85 mm×52.5 mm smart card. The distance between the centres of the two transducers 6 and 7 can be adjusted in the range 96 mm to 140 mm.

The device also contains electronics (not shown) for interfacing to the smart card and for sending and receiving information over the telephone connection by way of the audio transducers. In effect, these electronics provide a simple modem (modulator/demodulator) unit. The electronics, the LED, and also the smart card, are powered by a battery (not shown), housed within the device.

When the device is not in use, the flap 2 is folded against the main body 1, and in use it is folded outwards into the position as shown in FIGS. 1-3. The smart card 5 may normally be kept in its slot 4 when the device is not in use, so that the device acts as a wallet for protecting the card. Some form of seal (not shown) may be provided to prevent dirt from entering the slot 4, which could foul the contacts for the card.

Opening the device activates it, and the LED 9 starts flashing to indicate that the device is ready for use. The device remains activated for a predetermined time-out period, after which it is deactivated to conserve the battery.

When the device is opened out into its in-use position, it can be placed over a telephone handset (not shown), with the loudspeaker 6 next to the telephone mouthpiece and the microphone 7 next to the telephone earpiece. When so positioned, the device can send tone signals over the telephone line, by way of the loudspeaker 6, and can receive signals from the telephone line, by way of the microphone 7. It may be necessary to adjust the distance between the transducers 6, 7 to suit the particular handset, by sliding the microphone 7 within the slot 8.

In use, the user first dials up the remote service that the user wishes to access, on a conventional telephone. When the service answers, it prompts the user, by means of a voice message, to place the activated device over the telephone handset. The remote service and the device then exchange tone signals, similar to conventional modems establishing a link with each other: the remote service repeatedly sends a tone signal to the device until the device responds. This informs the remote service that the device is now ready.

The remote service then transmits a randomly-generated challenge to the device, as a series of tones over the telephone line. The device receives the challenge and passes it to the smart card. The smart card encrypts the challenge, using a private key stored in the smart card, so as to generate a response. The device then transmits the response to the remote service, as a series of tones over the telephone line. The device also transmits the user's identity.

When the remote service receives the response, it decrypts the response using the user's public key, and compares it with the challenge. If they match, the user's identity is authenticated, and the remote service returns a confirmation message to the device. When the device receives this confirmation message, it illuminates the LED 9 continuously, to indicate that the user may now remove the device from the handset. Access to the service can now proceed in the normal manner.

It should be noted that the device described above has no keypad or display, and is dedicated solely to the function of authenticating the user, and can therefore be very simple and cheap.

Some Possible Modifications

It will be appreciated that many modifications may be made to the system described above without departing from the scope of the present invention.

For example, as shown in FIG. 4, a keypad 10 may be provided, to allow the user to enter a PIN to activate the smart card. This allows the user to prove to the smart card that it is in the possession of the right person. The keypad may be a conventional flat rubber mat type keypad.

Instead of providing a keypad on the device, the telephone dialling keypad may be used to enter the user's PIN into the device. This involves the risk of the tones being overheard. However, it also allows the PIN to be checked by the remote service, which can, if required, take action if it detects more than a predetermined number of attempts to enter a wrong PIN.

Instead of using a keypad, the device could incorporate a biometric sensor, for example a fingerprint reading device. The biometric data together with data securely stored on the smart card (and/or data stored in the remote service), would be used to authenticate that the card was in the possession of its rightful owner, and would thus eliminate the need for entry of the user's PIN. A related possibility would be to use voice-recognition technology, either via the microphone on the device, or over the telephone line.

In another possible modification, the device may contain only one audio transducer, which is used for both transmitting and receiving. This would require one or more further LEDs, to indicate whether the device is to be held against the earpiece or mouthpiece of the telephone.

Other forms of audio transducer may be used. For example, instead of using a microphone transducer, an induction device may be used to pick up electrical signals directly from the telephone handset. This option may not be suitable for some types of telephone.

Instead of having just one LED, the device may include a plurality of LEDs. For example, one LED may be used to indicate that the device is ready, and a second LED to indicate that the device can be removed from the telephone. Another possibility would be to use a single, multi-colour LED, although this might cause problems for colour-blind people.

Instead of a contact-connected smart card, a contactless smart card could be used. This would significantly improve the reliability of the device by eliminating the possibility of dirty contacts.

In the embodiment described above, the device comprises two parts. However, it will be appreciated that other configurations are possible. For example, as shown in FIG. 5, the device may comprise a main body 11 with two flaps 12, 13, connected to the main body by hinges 14, 15, and with audio transducers 16, 17 mounted in the flaps.

In the described embodiment, the remote service and the device exchange tone signals in order to establish a link with each other, before the remote service sends a challenge. Alternatively, if the signal standards were pre-defined (e.g. bit rate, modulation type etc.) it would be possible for the remote service just to send the challenge repeatedly, until it receives a response.

Claims (5)

What is claimed is:
1. An authentication device comprising a hand-held unit having a receptacle for a smart card and a bidirectional audio interface for communication with a telephone line by respectively sending sound signals to and receiving sound signals from a telephone mouthpiece and earpiece, to permit a challenge-and-response authentication procedure between the smart card and a remote service, the device being dedicated solely to said authentication procedure and having no display.
2. An authentication device according to claim 1 wherein the device has no keypad.
3. An authentication device according to claim 1 wherein the audio interface comprises at least one flat audio transducer.
4. An authentication device according to claim 1, including at least one indicator light for indicating when the device should be placed adjacent to a telephone earpiece and mouthpiece to allow reception and transmission.
5. A method of authenticating a person's identity over a telephone line, comprising the steps:
(a) providing an authentication device comprising a hand-held unit having a receptacle for a smart card and a bidirectional audio interface for communication with a telephone line by respectively sending sound signals to and receiving sound signals from a telephone mouthpiece and earpiece; and
(b) performing a challenge-and-response authentication procedure between the smart card and a remote service, the device being dedicated solely to said authentication procedure and having no display.
US09311512 1998-05-29 1999-05-13 Authentication device Expired - Fee Related US6404862B1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
GB9811446A GB9811446D0 (en) 1998-05-29 1998-05-29 Authentication device
GB9811446 1998-05-29

Publications (1)

Publication Number Publication Date
US6404862B1 true US6404862B1 (en) 2002-06-11

Family

ID=10832831

Family Applications (1)

Application Number Title Priority Date Filing Date
US09311512 Expired - Fee Related US6404862B1 (en) 1998-05-29 1999-05-13 Authentication device

Country Status (2)

Country Link
US (1) US6404862B1 (en)
GB (2) GB9811446D0 (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030005294A1 (en) * 2001-06-29 2003-01-02 Dominique Gougeon System and method for restoring a secured terminal to default status
US20030157904A1 (en) * 2002-02-21 2003-08-21 Bloomberg Michael R. Computer terminals biometrically enabled for network functions and voice communication
US20040016811A1 (en) * 2002-04-19 2004-01-29 Cross Match Technologies, Inc. Mobile handheld code reader and print scanner system and method
US6742713B1 (en) * 1999-06-04 2004-06-01 Deutsche Telekom Ag Access controlled system with acoustic mechanical verification transmitter
US20050020887A1 (en) * 2001-10-11 2005-01-27 Jason Goldberg Medical monitoring device and system
US20050071197A1 (en) * 2003-08-07 2005-03-31 Jason Goldberg Personal health management device, method and system
US20050243619A1 (en) * 2004-04-30 2005-11-03 Brown Michael K Device authentication
US20060095788A1 (en) * 2004-11-03 2006-05-04 Alexandre Bronstein Authenticating a login
US20060147000A1 (en) * 2004-12-22 2006-07-06 Schlumberger Omnes, Inc. Method for in-band entity authentication via telephone
US20120030480A1 (en) * 2007-12-18 2012-02-02 Sony Ericsson Mobile Communications Japan, Inc. Battery pack and electronic apparatus
US8882666B1 (en) 1998-05-08 2014-11-11 Ideal Life Inc. Personal health monitoring and/or communication system
US8950680B2 (en) 2007-11-28 2015-02-10 Visa U.S.A. Inc. Multifunction removable cover for portable payment device
US9256910B2 (en) 2003-07-15 2016-02-09 Ideal Life, Inc. Medical monitoring/consumables tracking device

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4430728A (en) * 1981-12-29 1984-02-07 Marathon Oil Company Computer terminal security system
US4694492A (en) * 1984-11-09 1987-09-15 Pirmasafe, Inc. Computer communications security control system
US5351296A (en) * 1993-03-29 1994-09-27 Niobrara Research & Development Corporation Financial transmission system
WO1995004328A1 (en) * 1993-07-30 1995-02-09 Intellect Australia Pty. Ltd. Device and method for ic cards
US5406619A (en) * 1992-04-06 1995-04-11 At&T Corp. Universal authentication device for use over telephone lines
US5740232A (en) * 1994-05-06 1998-04-14 France Telecom Smart card based system for telephone-securized transactions
US5770849A (en) * 1996-08-23 1998-06-23 Motorola, Inc. Smart card device with pager and visual image display
US5987155A (en) * 1997-10-27 1999-11-16 Dew Engineering And Development Limited Biometric input device with peripheral port

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE3248400A1 (en) * 1981-12-30 1983-07-28 Avigdor Grynberg Nachpruefanordnung for remote authorization-
GB8525161D0 (en) * 1985-10-11 1985-11-13 Blackwell V C Personalised identification device

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4430728A (en) * 1981-12-29 1984-02-07 Marathon Oil Company Computer terminal security system
US4694492A (en) * 1984-11-09 1987-09-15 Pirmasafe, Inc. Computer communications security control system
US5406619A (en) * 1992-04-06 1995-04-11 At&T Corp. Universal authentication device for use over telephone lines
US5351296A (en) * 1993-03-29 1994-09-27 Niobrara Research & Development Corporation Financial transmission system
WO1995004328A1 (en) * 1993-07-30 1995-02-09 Intellect Australia Pty. Ltd. Device and method for ic cards
US5740232A (en) * 1994-05-06 1998-04-14 France Telecom Smart card based system for telephone-securized transactions
US5770849A (en) * 1996-08-23 1998-06-23 Motorola, Inc. Smart card device with pager and visual image display
US5987155A (en) * 1997-10-27 1999-11-16 Dew Engineering And Development Limited Biometric input device with peripheral port

Cited By (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8882666B1 (en) 1998-05-08 2014-11-11 Ideal Life Inc. Personal health monitoring and/or communication system
US6742713B1 (en) * 1999-06-04 2004-06-01 Deutsche Telekom Ag Access controlled system with acoustic mechanical verification transmitter
US6983364B2 (en) * 2001-06-29 2006-01-03 Hewlett-Packard Development Company, Lp. System and method for restoring a secured terminal to default status
US20030005294A1 (en) * 2001-06-29 2003-01-02 Dominique Gougeon System and method for restoring a secured terminal to default status
US20050020887A1 (en) * 2001-10-11 2005-01-27 Jason Goldberg Medical monitoring device and system
US9378347B2 (en) 2002-02-21 2016-06-28 Bloomberg Finance L.P. Computer terminals biometrically enabled for network functions and voice communication
WO2003073378A3 (en) * 2002-02-21 2004-05-27 Bloomberg Lp Computer terminals biometrically enabled for network functions and voice communication
US20030157904A1 (en) * 2002-02-21 2003-08-21 Bloomberg Michael R. Computer terminals biometrically enabled for network functions and voice communication
WO2003073378A2 (en) * 2002-02-21 2003-09-04 Bloomberg L.P. Computer terminals biometrically enabled for network functions and voice communication
US7418255B2 (en) * 2002-02-21 2008-08-26 Bloomberg Finance L.P. Computer terminals biometrically enabled for network functions and voice communication
US9912793B2 (en) 2002-02-21 2018-03-06 Bloomberg Finance L.P. Computer terminals biometrically enabled for network functions and voice communication
US20040016811A1 (en) * 2002-04-19 2004-01-29 Cross Match Technologies, Inc. Mobile handheld code reader and print scanner system and method
US7073711B2 (en) * 2002-04-19 2006-07-11 Cross Match Technologies, Inc. Mobile handheld code reader and print scanner system and method
US9256910B2 (en) 2003-07-15 2016-02-09 Ideal Life, Inc. Medical monitoring/consumables tracking device
US8571880B2 (en) 2003-08-07 2013-10-29 Ideal Life, Inc. Personal health management device, method and system
US20050071197A1 (en) * 2003-08-07 2005-03-31 Jason Goldberg Personal health management device, method and system
US7647498B2 (en) * 2004-04-30 2010-01-12 Research In Motion Limited Device authentication
US20100106970A1 (en) * 2004-04-30 2010-04-29 Research In Motion Limited Device authentication
US20110191585A2 (en) * 2004-04-30 2011-08-04 Research In Motion Limited Device Authentication
US20050243619A1 (en) * 2004-04-30 2005-11-03 Brown Michael K Device authentication
US8156336B2 (en) 2004-04-30 2012-04-10 Research In Motion Limited Device authentication
US8171303B2 (en) * 2004-11-03 2012-05-01 Astav, Inc. Authenticating a login
US20060095788A1 (en) * 2004-11-03 2006-05-04 Alexandre Bronstein Authenticating a login
US20060147000A1 (en) * 2004-12-22 2006-07-06 Schlumberger Omnes, Inc. Method for in-band entity authentication via telephone
US8950680B2 (en) 2007-11-28 2015-02-10 Visa U.S.A. Inc. Multifunction removable cover for portable payment device
US8424092B2 (en) * 2007-12-18 2013-04-16 Mitsumi Electric Co., Ltd. Electronic apparatus for authenticating a battery pack
US20120030480A1 (en) * 2007-12-18 2012-02-02 Sony Ericsson Mobile Communications Japan, Inc. Battery pack and electronic apparatus

Also Published As

Publication number Publication date Type
GB9811446D0 (en) 1998-07-22 grant
GB9910440D0 (en) 1999-07-07 grant
GB2337894B (en) 2000-05-10 grant
GB2337894A (en) 1999-12-01 application

Similar Documents

Publication Publication Date Title
US5635701A (en) Portable device for the functional linking of a chip card with a central processing unit
US5265162A (en) Portable pin card
US5940187A (en) Method for certifying facsimile communications over a telephone network
US6461193B1 (en) Data card connector
US7533828B2 (en) Electronic credit card—ECC
US6774796B2 (en) Master authenticator
EP0185365A1 (en) A pay phone system or a pay service system
US8260262B2 (en) Systems for three factor authentication challenge
US6257486B1 (en) Smart card pin system, card, and reader
US5513272A (en) System for verifying use of a credit/identification card including recording of physical attributes of unauthorized users
US6151677A (en) Programmable telecommunications security module for key encryption adaptable for tokenless use
US20040205350A1 (en) Low cost secure ID card and system
US5953700A (en) Portable acoustic interface for remote access to automatic speech/speaker recognition server
US6600430B2 (en) Vehicle wireless data communication system
US5740232A (en) Smart card based system for telephone-securized transactions
US6904520B1 (en) Method and system for ensuring the securing of computer servers of games
US5311594A (en) Fraud protection for card transactions
US20070145119A1 (en) System for identifying an individual in an electronic transaction
US5343519A (en) Autodialer with pin feature
US5583933A (en) Method and apparatus for the secure communication of data
US4779224A (en) Identity verification method and apparatus
US5406619A (en) Universal authentication device for use over telephone lines
US6763249B2 (en) Electronic device and unique information management method
US6704715B1 (en) Method and system for ensuring the security of the remote supply of services of financial institutions
US6151493A (en) Device for prohibiting unauthorized use of electronic devices

Legal Events

Date Code Title Description
AS Assignment

Owner name: INTERNATIONAL COMPUTERS LIMITED, UNITED KINGDOM

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:HOLT, NICHOLAS PETER;REEL/FRAME:009965/0582

Effective date: 19990430

FPAY Fee payment

Year of fee payment: 4

FPAY Fee payment

Year of fee payment: 8

REMI Maintenance fee reminder mailed
LAPS Lapse for failure to pay maintenance fees
FP Expired due to failure to pay maintenance fee

Effective date: 20140611